Shims for vararg functions: check that we get the right number of "fixed" arguments #4013
Labels
A-shims
Area: This affects the external function shims
C-bug
Category: This is a bug.
E-good-second-issue
A good issue to pick up if you've already seen some parts of Miri, mentoring is available
Most Miri shims use
check_shim
to ensure they are called with the right ABI and right number of arguments. However, some shims emulate vararg functions. There, we currently separately callcheck_abi_and_shim_symbol_clash
and thencheck_min_arg_count
,however, that misses potential UB: when a function, likeopen
, is declared with 2 fixed args followed by varargs, then it is crucial that the caller uses a signature that actually involves 2 fixed args followed by varargs. If someone were to, say, declare this function asand then call it as
open(path, flags)
, that is Undefined Behavior!Similarly, non-vararg shims can actually currently be invoked with a vararg import, which should also be detected as UB.
Unfortunately,
emulate_foreign_item
is not even given enough information to detect this -- we are given a slice ofargs
, but we don't learn how many of those were passed as fixed args vs varargs. So this requires changing the rustc side of this to pass more information tofind_mir_or_eval_fn
-- basically, we should pass down the fullFnAbi
.The text was updated successfully, but these errors were encountered: